<?php
session_start();
include ("connect.php");
$session_id = session_id ();
$username = $_POST['login'];
$password = $_POST['password'];

if ($_POST['login']!='')
{
	// Mysql Connection
	include ("connect.php");
	
	//echo $username;
	//echo $password;
	$username=mysql_escape_real_string($username);
	$password=mysql_escape_real_string($password);
	
	
	// MySQL Query
	$consulta="Select * from `ascent`.`accounts` where `login` = '".$username."' AND `password` = '".$password."' LIMIT 1;";
	$result=mysql_query($consulta, $MySQL);
		if(!$result)
	{
			echo '<p> wrong query.';exit;
		}
	$numreg=mysql_num_rows($result);
	if($numreg==0)
		{
		$_SESSION['error'] = '<span style="color: red">Login has failed, type your username and password again correctly.</span>';
		header('Location: ./');
	} else {
		// Mysql fetch row results
		$row = mysql_fetch_assoc($result);
		
		$_SESSION['acct'] = $row['acct'];
		$_SESSION['login'] = $username;
		$_SESSION['error'] = 'You are successfully logged in<br> Welcome, '.$username;
		header('Location: ./');
	}
	mysql_close($MySQL);
}
else
header('Location: ./')
?>